North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: What *are* they smoking?

  • From: Matthew Kaufman
  • Date: Tue Sep 16 11:35:16 2003

And then Verisign starts using multiple IP addresses and rotating through
them. And then they stop giving any other clues that it is a wildcard
record. Great. Just what we need... To be in an escalating war with the
people running the root nameservers.

Since it is clearly in Verisign's business interest to make it impossible
for you to tell when you've been handed one of the wildcard replies, I don't
see this stopping any time soon.

Matthew Kaufman
[email protected]

> -----Original Message-----
> From: [email protected] [mailto:[email protected]] On 
> Behalf Of Tomas Lund
> Sent: Monday, September 15, 2003 6:14 PM
> To: Chris Adams
> Cc: [email protected]
> Subject: Re: What *are* they smoking?
> 
> 
> 
> On Mon, 15 Sep 2003, Chris Adams wrote:
> 
> > It appears that the most reliable way to detect a wildcard response 
> > for 'somedomain.tld' is to query for '*.tld'; if the results match, 
> > then 'somedomain.tld' doesn't really exist.
> 
> Just make up a number of fake domains and resolve them. If 
> they return the same answer, thats the answer to change back 
> into NXDOMAIN.
> 
> //tlund
>